[02:57] <QnD> hey all
[02:58] <QnD> can anyone give me feedback on if "tiger" is a good route to go for a security solution
[02:58] <QnD> 12.04.3 LTS ^
[02:58] <sarnold> 12, 15 years back it was awesome.. I don't know if they've kept it up to date well enough over the years or not
[03:00] <sarnold> a lot of the steps that those 'hardening' kinds of scripts that used to be popular (e.g. bastille) are now just "default configurations" of most services; their utility isn't what they once were
[03:00] <sarnold> .. and it's not like ~/.rhosts works any more :) hehe
[03:00] <sarnold> but it might still yet be useful, I haven't looked
[03:00] <QnD> lol
[03:01] <QnD> im just looking for something that will give me a heads up... snort was another option
[03:01] <QnD> i just have transmission-cli/web and ssh running
[03:01] <sarnold> I think the false positive rate of snort might be more annoying than its worth. but, I can definitely understand the desire to have some kind of status..
[03:01] <QnD> my previous load had gotten slammed bad
[03:02] <QnD> yeh i hear ya on snort throwing all sorts of stuff out
[03:02] <QnD> that was why i kept that as a plan b
[03:02] <QnD> i dont really care about NIDS... more client side IDS
[03:03] <sarnold> apparmor profile on transmission wouldn't be out of the question :) I haven't yet seen any bittorent code that I thought looked beautifully well-written.
[03:04] <QnD> no doubt... i hate upnp aswell... but seeding doesnt seem to like the suggested single port forwarding scheme
[03:04] <QnD> why upnp is even around with no security is beyond me ?
[03:05] <QnD> that ptmx exploit being unpatched is a strange issue as well
[03:06] <QnD> what ever happened to *nix being secure ?
[03:06] <QnD> any kernel of any OS that is static in nature is an open door to shell code running too well
[03:07] <QnD> i just refuse to give up on ubuntu :(  ever since redhat sold out i swore i would stay loyal to ubuntu
[03:08] <QnD> is ssh being exploited at all .... anyone have any input on any 0day issues
[03:10] <sarnold> last I heard was a post-authentication problem that .. allowed access to user shell. Thankfully sshd's worst problems seem behind it.
[03:10] <sarnold> my dog is telling me it's time for a walk
[03:10] <QnD> right on.... priorities.... dogs are alot more loyal then people LoL
[04:12] <QnD> can anyone tell me if this is normal
[04:12] <QnD> [22:53:32] Warning: Hidden directory found: /dev/.udev
[04:12] <QnD> [22:53:32] Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'
[04:12] <QnD> 12.04.3 server ^
[04:13] <babinlonston> I My VPS i need to Update the mysql version 5.1 to 5.5 so i need to take backup of my all database's there are totally 12 database's , how can i Backup all database's by single command, And how can i restore it after updating mysql, guide me buddies ..
[04:21] <QnD> babinlonston what about just rsync
[04:21] <QnD> or use a partition that is mirrored
[04:22] <babinlonston> QnD: im talking about Database backup
[04:22] <QnD> yeh I was figuring on backing up the DB via the actual db files
[04:24] <QnD> in mysql I am not aware of any commands that will back up everything at once... I only use *sql at a superficial level
[04:24] <QnD> just figured using a system type backup of the db files may be a solution
[04:36] <QnD> how can i trace "custom logging function 0x7fb54c021250 registered" <- udev
[04:53] <phunyguy> quick question, is it possible to have clients "register" with bind, so it stores their name and IP?
[04:59] <teenox_> Anyone up for a good challenge? I've spent over 30 hours trying to get chromium to run on a remote desktop environment and having no luck.
[05:01] <teenox_> putting lubuntu on a VPS running ubunutu 12.04 64-bit and tightvnc to vnc to desktop
[05:01] <teenox_> chromium won't launch, just a quick blink of a pink screen and crashes
[05:02] <teenox_> when I try to run "chromium-browser" from terminal, i get: Xlib extension “RANDR” missing on display ":1"
[05:02] <teenox_> exhausted everything I can come up with, so came here to beg for help ;)
[05:24] <teenox_> Someone want to take a shot at this one: http://askubuntu.com/questions/393517/lubuntu-why-wont-chromium-to-run
[06:15] <mgw> How can I prevent a process running with fakeroot from trying to read /root/.ssh (when performing an ssh operation)?
[06:18] <sarnold> mgw: I assume you more or less want it to use your /home/mgw/.ssh/ instead so that it continues to work as expected?
[06:20] <mgw> sarnold: correct
[06:20] <mgw> or perhaps some location otherwise specified
[06:20] <mgw> but /home/mgw/.ssh would be a big improvement
[06:21] <mgw> I'm trying to do a pip install within a fakeroot env
[06:21] <mgw> git+ssh
[06:21] <mgw> using dh_virtualenv
[06:21] <mgw> And of course it can neither read nor write /root/.ssh
[06:21] <sarnold> mgw: just thinking aloud, perhaps you could start a new filesystem namespace (see unshare(1)) and mount --bind /home/mgw/.ssh /root/.ssh
[06:21] <mgw> hmm, interesting idea
[06:22] <sarnold> the downside of course is that setting up the filesystem namespace requires root privs -- real root privs :) hehe
[06:22] <mgw> :-/ that wouldn't work too well then
[06:22] <mgw> I need to unwrap whatever system call is determining the location of .ssh
[06:22] <mgw> or else find an environment variable that can override it
[06:23] <sarnold> mgw: if you can stuff a HOME=/fooo just before that ssh or git command, that might do the job, way easier..
[06:23] <mgw> I can't, but maybe in front of pip
[06:24] <mgw> It's being called through subprocess.check_output (python)
[06:24] <mgw> I did try overriding HOME in env
[06:24] <sarnold> hrm, no luck there?
[06:25] <sarnold> I seem to recall that python has several ways to fiddle with environment variables, and one only modifies the current process, the other modifies the environment handed to children... is that right?
[06:25] <sarnold> sounds a little silly when I write it...
[06:26] <mgw> I'm not sure
[06:26] <mgw> trying to figure out how to google that idea
[06:26] <sarnold> http://docs.python.org/2/library/os.html
[06:27] <mgw> putenv
[06:27] <sarnold> I was wrong, it's more that os.environ[] doesn't necessarily reflect the environment if it was modified with putenv() after the os module was loaded. d'oh :)
[06:28] <mgw> doesn't work
[06:28] <mgw> Could not create directory '/root/.ssh'.
[06:30] <sarnold> bah. perhaps it's looking up home via getent
[06:30] <mgw> it's pip that's oing it
[06:30] <mgw> the actual lookup
[06:30] <mgw> or something pip calls
[06:31] <mgw> I wonder how I could remap getent back to the real one
[06:31] <mgw> without killing the fakeroot
[06:32] <mgw> or just 'whoami'
[06:32] <mgw> $ fakeroot whoami
[06:32] <mgw> root
[06:33] <sarnold> if you know it happens in pip you might be able to monkeypatch the methods in python. that sounds less fun though.
[06:36] <mgw> sarnold: https://github.com/pypa/pip/blob/master/pip/vcs/git.py#L111
[06:36] <mgw> but pip itself is being called via subprocess, not as a python package
[06:36] <mgw> or module
[06:37] <mgw> in dh_virtualenv
[06:37] <mgw> so monkeypatching isn't an option without rewriting
[06:38] <sarnold> mgw: okay. that actually makes me relieved. that's a horrible idea. :)
[06:39] <sarnold> mgw: how about git's GIT_SSH environment variable? that looks promising.
[06:39] <mgw> sarnold: https://github.com/git/git/blob/6a907786af835ac15962be53f1492f23e044f479/git-gui/lib/sshkey.tcl#L5
[06:39] <mgw> hmm
[06:40] <sarnold> tcl???
[06:40] <sarnold> someone's still writing tcl. go figure.
[06:41] <mgw> https://github.com/git/git/blob/7794a680e63a2a11b73cb1194653662f2769a792/Documentation/git.txt#L830
[06:41] <mgw> looks like it points to a binary
[06:41] <mgw> but I might be able to use that
[06:42] <mgw> that tcl link is wrong
[06:44] <sarnold> yeah, but thanks, it was worth a laugh :) hehe
[07:16] <mgw> sarnold: thanks!
[07:16] <mgw> https://gist.github.com/mgwilliams/b48fe2baa5d405edb30b
[07:16] <sarnold> mgw: Hey! that's pretty cool. :)
[07:17] <sarnold> mgw: thanks for sharing the end result :)
[09:49] <loostro> hi, i've done sudo apt-get --purge remove apache2 and then sudo apt-get install apache2
[09:49] <loostro> and it sais the package is installed, but whereis apache2 returns nothing
[09:50] <loostro> and there is nothing in /etc/apache2, /etc/init.d/apache2 does not exist
[09:51] <loostro> how do i install apache2 package?
[13:49] <rbasak> SpamapS: thanks, will do.
[15:43] <hXm> hello
[15:43] <hXm> someone alive?
[15:44] <hXm> i have a dedicated server with various domains, I want to make a smtp service, I also want to receive emails but forwarding them
[15:44] <hXm> is that possible?
[15:45] <hXm> or I need create a full imap server
[15:49] <SpamapS> hXm: IMAP is for downloading email that has been delivered to a mail server.
[15:50] <SpamapS> hXm: SMTP is used to transport email between servers.
[15:51] <SpamapS> hXm: you probably want this https://help.ubuntu.com/lts/serverguide/email-services.html
[15:51] <hXm> yes, I just wanted to receive an email ni my server and forward it to my main@account.com without configure 2 acocunts
[19:06] <OtherGordo> Hey, I have OpenBSD 5.4 running as a guest under a Ubuntu 12.04 LTS KVM, but am having an issue with virsh shutdown not working / freezing guest.
[19:06] <OtherGordo> Install steps and details: https://gist.github.com/gordonturner/8069133#file-openbsd-5-4-guest-shutdown-md
[19:06] <OtherGordo> Any suggestions are welcome.
[19:12] <RoyK> OtherGordo: guess #openbsd would be appropriate
[19:13] <OtherGordo> RoyK: I just came from there :-)
[19:23] <RoyK> OtherGordo: hehe
[20:00] <lifeless> smoser: ping - around?
[21:24] <RoyK>  
[23:15] <Nicekiwi> hey so I'm getting a segmentation fault when I run apt-get update, help?